The present disclosure relates to computer security, and, more specifically, to intrusion detection systems.
Computer security systems preserve confidentiality of data (e.g., protecting against a privacy breach), integrity of data (e.g., protecting against data corruption), and availability of data (e.g., protecting against disrupted functionality) stored in, executed on, and/or communicated between computer systems. Nonetheless, unauthorized intrusions into computer systems can result in compromised data and/or limited functionality.
Unauthorized intrusions can utilize a variety of attack vectors such as, but not limited to, workstation infestation, credential theft, exploitation (e.g., buffer overflows, stack overruns, etc.), vulnerabilities (e.g., exploiting coding weaknesses of applications, kernels, etc.), and escape-to-host attacks.